Legal

Privacy Policy

Effective April 22, 2026

SignalGuide is operated by Go Ventures LLC ("SignalGuide", "we", "us"). This policy explains what we collect, how we use it, and the rights you have over your data.

Summary

  • We only read your Google Analytics, Search Console, and Google Ads data so we can produce your own reports.
  • We don't sell your data, show you ads, or share it with third-party marketers.
  • Your Google OAuth tokens are encrypted at rest.
  • You can disconnect your Google account and delete your data at any time.
  • Questions: privacy@signalguide.io.

1. What we collect

Account information

  • Your name and email address, provided by Google when you sign in.
  • Billing information handled by Stripe (we never see your card number).
  • Configuration you enter yourself: site names, conversion pages, content clusters, report schedules.

Google User Data

When you sign in, we request access to the following Google scopes:

  • Google Analytics (analytics.readonly) — sessions, users, page views, bounce rate, traffic sources, and related dimensions for the GA4 properties you connect.
  • Google Search Console (webmasters.readonly) — search queries, impressions, clicks, and average positions for the sites you connect.
  • Google Ads (adwords) — campaign performance, keyword data, and conversion metrics for the Ads accounts you connect.

We only read data. We never write to or modify anything in your Google accounts.

Usage data

  • Pages you visit inside the SignalGuide app, feature interactions, and error logs.
  • Basic IP address and user agent metadata for security and debugging.

2. How we use your data

We use the data we collect only to:

  • Generate your reports, briefings, and dashboards.
  • Detect anomalies, rank insights, and produce written analysis in the app.
  • Deliver reports to you by email or other channels you configure.
  • Provide customer support when you contact us.
  • Bill you for your subscription and prevent fraud.
  • Improve the product through aggregate, de-identified usage analysis.

We do not use Google user data to train advertising models, sell it, share it with advertisers, or use it for any purpose other than rendering the user-facing features of SignalGuide.

3. Google API Services User Data Policy

SignalGuide's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How we store and secure data

  • All data is encrypted in transit via TLS.
  • Google OAuth tokens are encrypted at rest with a rotated symmetric key (Fernet).
  • Production data is stored on Railway-managed PostgreSQL with daily backups.
  • Access to production systems is restricted to authorized engineers and gated by 2FA.

5. Subprocessors

We rely on a small number of trusted third parties to run SignalGuide:

  • Railway — application hosting and managed Postgres database.
  • Anthropic — LLM analysis of your data to produce written findings. Anthropic does not use this data to train its models.
  • Resend — email delivery.
  • Stripe — payment processing.
  • Google — the source of the analytics data, accessed only with your authorization.

6. Data retention

  • Your account and configuration are retained while your account is active.
  • Cached analytics snapshots are retained for the history window of your plan (90 days for Free/Pro, 12 months for Agency).
  • Deleted accounts: all personal data, Google tokens, and report history are purged within 30 days of deletion.
  • Billing records are retained as required by law (typically 7 years).

7. Your rights

At any time you can:

  • Access your data through the app dashboard.
  • Export your configuration and report history.
  • Disconnect your Google account in Settings, which revokes our tokens immediately.
  • Delete your SignalGuide account in Settings, which triggers a full purge within 30 days.
  • Revoke Google access directly at myaccount.google.com/permissions.

If you're in the EEA, UK, or California, you also have rights under GDPR and CCPA to request access, correction, portability, or erasure. Email privacy@signalguide.io and we'll respond within 30 days.

8. Cookies

We use a single first-party session cookie for authentication (sg_session). We do not use third-party advertising cookies or cross-site tracking pixels.

9. Children

SignalGuide is not directed to children under 18 and we do not knowingly collect data from them.

10. Changes to this policy

We'll post material changes on this page and, when appropriate, notify you by email. The effective date at the top of this page is updated with every change.

11. Contact

Go Ventures LLC
privacy@signalguide.io